Compare commits

...

No commits in common. "stream-nginx-1.16-rhel-8.9.0" and "c8-stream-1.16" have entirely different histories.

23 changed files with 3 additions and 74 deletions

3
.gitignore vendored
View File

@ -1,5 +1,2 @@
SOURCES/nginx-1.16.1.tar.gz SOURCES/nginx-1.16.1.tar.gz
SOURCES/poweredby.png SOURCES/poweredby.png
/nginx-1.16.1.tar.gz
/nginx-logo.png
/poweredby.png

2
.nginx.metadata Normal file
View File

@ -0,0 +1,2 @@
77ce4d26481b62f7a9d83e399454df0912f01a4b SOURCES/nginx-1.16.1.tar.gz
2ec82988cd0d9b1304c95a16b28eff70f0f69abc SOURCES/poweredby.png

BIN
SOURCES/nginx-logo.png Normal file

Binary file not shown.

After

Width:  |  Height:  |  Size: 368 B

View File

@ -19,7 +19,7 @@
Name: nginx Name: nginx
Epoch: 1 Epoch: 1
Version: 1.16.1 Version: 1.16.1
Release: 3%{?dist} Release: 1%{?dist}
Summary: A high performance web server and reverse proxy server Summary: A high performance web server and reverse proxy server
Group: System Environment/Daemons Group: System Environment/Daemons
@ -59,12 +59,6 @@ Patch3: nginx-1.14.1-perl-module-hardening.patch
# https://bugzilla.redhat.com/show_bug.cgi?id=1643647 # https://bugzilla.redhat.com/show_bug.cgi?id=1643647
Patch4: nginx-1.16.0-enable-tls1v3-by-default.patch Patch4: nginx-1.16.0-enable-tls1v3-by-default.patch
# https://bugzilla.redhat.com/show_bug.cgi?id=1790277
Patch5: nginx-1.16.1-CVE-2019-20372.patch
# https://bugzilla.redhat.com/show_bug.cgi?id=1963121
Patch6: nginx-1.16.0-CVE-2021-23017.patch
%if 0%{?with_gperftools} %if 0%{?with_gperftools}
BuildRequires: gperftools-devel BuildRequires: gperftools-devel
%endif %endif
@ -195,8 +189,6 @@ Requires: nginx
%patch2 -p1 %patch2 -p1
%patch3 -p1 %patch3 -p1
%patch4 -p1 %patch4 -p1
%patch5 -p1
%patch6 -p1
cp %{SOURCE200} %{SOURCE210} %{SOURCE10} %{SOURCE12} . cp %{SOURCE200} %{SOURCE210} %{SOURCE10} %{SOURCE12} .
@ -469,15 +461,6 @@ fi
%changelog %changelog
* Wed May 26 2021 Luboš Uhliarik <luhliari@redhat.com> - 1:1.16.1-3
- Resolves: #1963175 - CVE-2021-23017 nginx:1.16/nginx: Off-by-one
in ngx_resolver_copy() when labels are followed by a pointer to a root
domain name
* Mon Nov 23 2020 Lubos Uhliarik <luhliari@redhat.com> - 1:1.16.1-2
- Resolves: #1798230 - CVE-2019-20372 nginx:1.16/nginx: HTTP request smuggling
via error pages in http/ngx_http_special_response.c
* Thu Aug 29 2019 Lubos Uhliarik <luhliari@redhat.com> - 1:1.16.1-1 * Thu Aug 29 2019 Lubos Uhliarik <luhliari@redhat.com> - 1:1.16.1-1
- update to 1.16.1 - update to 1.16.1
- Resolves: #1745697 - CVE-2019-9511 nginx:1.16/nginx: HTTP/2: large amount - Resolves: #1745697 - CVE-2019-9511 nginx:1.16/nginx: HTTP/2: large amount

View File

@ -1,9 +0,0 @@
--- !Policy
product_versions:
- rhel-9
decision_context: osci_compose_gate
rules:
- !PassingTestCaseRule {test_case_name: baseos-ci.brew-build.tier1.functional}
- !PassingTestCaseRule {test_case_name: baseos-ci.brew-build.tier2.functional}
- !PassingTestCaseRule {test_case_name: baseos-ci.brew-build.tier3.functional}
- !PassingTestCaseRule {test_case_name: baseos-ci.brew-build.acceptance-tier.functional}

View File

@ -1,24 +0,0 @@
diff --git a/src/core/ngx_resolver.c b/src/core/ngx_resolver.c
index 593645d..064ec7a 100644
--- a/src/core/ngx_resolver.c
+++ b/src/core/ngx_resolver.c
@@ -3992,15 +3992,15 @@ done:
n = *src++;
} else {
+ if (dst != name->data) {
+ *dst++ = '.';
+ }
+
ngx_strlow(dst, src, n);
dst += n;
src += n;
n = *src++;
-
- if (n != 0) {
- *dst++ = '.';
- }
}
if (n == 0) {

View File

@ -1,17 +0,0 @@
diff --git a/src/http/ngx_http_special_response.c b/src/http/ngx_http_special_response.c
index 4ffb2cc8ad..76e6705889 100644
--- a/src/http/ngx_http_special_response.c
+++ b/src/http/ngx_http_special_response.c
@@ -623,6 +623,12 @@ ngx_http_send_error_page(ngx_http_request_t *r, ngx_http_err_page_t *err_page)
return ngx_http_named_location(r, &uri);
}
+ r->expect_tested = 1;
+
+ if (ngx_http_discard_request_body(r) != NGX_OK) {
+ r->keepalive = 0;
+ }
+
location = ngx_list_push(&r->headers_out.headers);
if (location == NULL) {

View File

@ -1,3 +0,0 @@
SHA512 (nginx-1.16.1.tar.gz) = 17e95b43fa47d4fef5e652dea587518e16ab5ec562c9c94355c356440166d4b6a6a41ee520d406e5a34791a327d2e3c46b3f9b105ac9ce07afdd495c49eca437
SHA512 (nginx-logo.png) = d4e739d62ff80df9124ca74c318520f28b50d9b3eed2928575fedaa9357f21f596167ba827a498b984495d6067c789d313a4261475c9e2802a2c55e2f50d55f7
SHA512 (poweredby.png) = 7509986e2ced0f0b77813efdaf51d02cf6716863fd1a767a80bd096065086abb9f0f2691b50a72058cbfa2e3df08759b0deb13e0a0e78de97e314dab315a7cca